DETAILED ACTION
Response to Amendment 
This office action is in response to the amendment filed on 01/26/05. Applicant added claim
15. The amendment filed on 01/26/05 has been entered and made of record. Therefore,
presently pending claims are 1-15.



Response to Arguments 

Applicant's arguments filed 01/26/05 have been fully considered but they are not
persuasive for the following reasons.

Applicant argued that the present invention messages are exchanged between only two 
entities, the terminal and the network. This is not found persuasive. The limitations of claim 1 
and claim 15 do not disclose message exchange between only two entities. The limitations
disclose messages that are exchanged between the network, terminal, and network. The
definition of network is a group of computers and associated devices. Therefore in the claims 1
and 15 the limitations include more than two entities by message exchange with a network.

Applicant argued further that Ganesan fails to disclose that response 1 sent from the 
terminal to the network is equal to challenge2, whereby the network has requested response 2 
together with challenge 1 and response 1. Kc,s (Challenge 2) which must be calculated from 
message 4 where the knowledge of Kc,s allows the Response 2 (message 6) to be sent just as 
knowledge of Challenge 2 allows a correct Response 2. There message 6 includes Kc,s 
(Challenge 2), the Response 2 is the encrypted ts using Kc,s, by using Kc,s indicates that the 
client knows Ks and therefore correct encryption of ts using Kc,s is equivalent to sending the
value and therefore the Response 1.

Applicant argued further that Ganesan relates to a method for securing communications 
using split private key asymmetric cryptography, and does not disclose or suggest a method for 
mutual authentication of components in a communication network using a challenge-response 
method. The applicant has misrepresented the reference Ganesan, which is a method of
authentication (abstract). Although the applicant has disclosed a method for mutual 
authentication of components in a network using a challenge-response method in the preamble, 
the applicant does not disclose the recited information in the body of the claim. In response to 
applicant's arguments, the recitation a method for mutual authentication of components in a 
network using a challenge-response method has not been given patentable weight because the 
recitation occurs in the preamble. A preamble is generally not accorded any patentable weight 
where it merely recites the purpose of a process or the intended use of a structure, and where the 
body of the claim does not depend on the preamble for completeness but, instead, the process 
steps or structural limitations are able to stand alone. See In re Hirao, 535 F.2d 67, 190
USPQ 15 (CCPA 1976) and Kropa v. Robie, 187 F.2d 150, 152, 88 USPQ 478, 481 (CCPA 
1951). 

The applicant argues further that Ganesan does not disclose a direct link between the 
service server and either of the authentication server or the ticket-granting server. In response to 
applicant's argument that the references fail to show certain features of applicant's invention, it is
noted that the features upon which applicant relies (i.e., direct link between the service server
and either of the authentication server or the ticket granting server) are not recited in the rejected
claim(s). Although the claims are interpreted in light of the specification, limitations from the
specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26
USPQ2d 1057 (Fed. Cir. 1993). The claims recite sending responses and receiving requests 
from the network: a network is computers connected to each other. The computers in Ganesan 
are connected to each other as shown in Fig. 2. 

The applicant argued further that Schneier discloses only that keys may be random-bit strings
generated by some automatic process, and does not disclose the authentication procedure of the
present application as described above. This is not found persuasive. In the combination of
Ganesan and Schneier, Ganesan discloses the authentication step and Schneier discloses the keys 
as random numbers. 

The applicant argued further that Tsubakiyama does not indicate that the network 
interprets the message C1 as the message C2. This is not persuasive. The definition of interpret
is to present in understandable terms. C1 is presented to the user named I in terms that the user
can understand the value dl and therefore use the combiner (11) to determine C2. Therefore the
system interprets (places in understandable terms) the C1 as the message C2.

The applicant discloses that Clark et al. does not disclose or suggest the use of two
challenge values and two response values for authentication. The examiner regrets the typo that
left Clark in the rejections for the dependent claims. This has been replaced by Ganesan to
disclose the authentication process and Schneier for the keys as random numbers. Ganesan has
been discussed above. 

The examiner asserts that Ganesan and Schneier do teach or suggest the subject matter 
broadly recited in independent Claims 1 and 15. Dependent Claims 2-14 are also rejected at least 
by virtue of their dependency on independent claims and by other reason set forth in this office
action. Accordingly, rejections for claims 1-14 are respectfully maintained. Included in the 
rejection to claim 1 is the rejection for claim 15. 



Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over the article
by Ganesan (5,535,276) in view of Schneier. 

Ganesan discloses a method for mutual authentication of components in a network using 
a challenge-response method to authenticate a client 110 to a server 150 (Fig. 2).

Requesting at least one data pair including a first random number (Challenge 1) and a
first response (Response 1) from an authentication center using a request from the network.
Ganesan discloses a client request that requests authentication services and therefore a data pair 
from a secure environment and specifically from an Authentication server (message 1 column 15 
lines 33-60). After authenticating itself to the authentication server, and therefore to the secure 
environment as part of the request for authentication, the ticket granting server that is a part of 
the secure environment responds with the information (data pair) that the client uses to 
authenticate themselves.

Regarding passing the first random number (Challenge 1) to the terminal which
calculates the first response (Response 1) based upon an internally stored key and the first 
random number (Challenge 1). The Ticket granting server, that is a part of security environment 
(authentication center), sends message 4 to the client for communication. The message is
encrypted by keys Kc,tgs and Ks, which are random numbers resulting in a random number for the 
message. The internally stored key is Kc,tgs that the client uses to calculate the session key Kc,s 
(column 17 lines 5-20). 

Ganesan further discloses sending the calculated first response to the network. The 
response (message 5') includes, among other parts, the session key Kc,s, which is used as part of 
the Challenge to the server 150. The message 5 is sent to the network (column 15 lines 10-16) 
and specifically to the server 150.

Ganesan teaches responding to a second random number with a second response
(Response 2) calculated in the authentication center, the response performed by the network
wherein the first response sent from the terminal to the network is also used as the second
random number (Challenge 2), whereby the network has previously requested the second
response (Response 2) from the authentication. The second response (message 6') contains the
ticket information, which is calculated by the secure environment (column 5 lines 50-55 in
combination with column 18 lines 1-10). The second random number is Ks, therefore the server
150 must prove its knowledge of Ks by sending the message 6 (Response 2). By proving the
knowledge of Ks, then the network interprets the calculated first response sent back from the
terminal as the Challenge 2. Since knowledge of Ks provides the correct message 6. 

Ganesan does not expressly disclose the keys are random numbers.

However, Schneier discloses that good keys are random numbers (page 173).

At the time the invention was made, it would have been obvious to a person of ordinary
skill in the art to disclose keys as random numbers as in Schneier in the system of Ganesan. One of
ordinary skill in the art would have been motivated to do this because random numbers make 
good keys; good keys are those that are not easily determined. 

Claims 2-14 are rejected under 35 U.S.C. 103(a) as being unpatentable over Ganesan and 
Schneier as applied to claim 1 above, and further in view of Tsubakiyama (5,544,245). 

In reference to claims 2 and 7, Ganesan does not expressly disclose a method wherein the 
network interprets the calculated first response sent back from the terminal as the second random 
number. 

Tsubakiyama suggests a method (Fig. 2) where the message sent from the network N 
(C1) is used as a challenge to the user named i who interprets the challenge and responds to the
challenge with the response C2. Therefore, the challenge is a message, which is interpreted and 
a response to the challenge is created and sent. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the response given by the terminal in the system of Ganesan as the 
challenge as in the method of Tsubakiyama. One of ordinary skill in the art would have been
motivated to do this because it would provide a mutual authentication which enables the network
and each user to authenticate each other without inviting the chosen plaintext attack and the
known plaintext attack on the encryption algorithm in the authentication protocol and permits the
delivery of a key for cipher communication without the need of increasing the amount of data to
be transmitted for the protocol for mutual authentication between the network and each user
(Tsubakiyama column 2 lines 36-46). 

In reference to claim 3, wherein the first random number (Challenge 1) and the second 
response (Response 2) are transmitted from the network (N) to the terminal (M) immediately 
successively in time (Tsubakiyama Fig. 2). 

In reference to claim 4, wherein the data pair (Challenge 1/Response 2) is transmitted
from the network (N) to the terminal (M) simultaneously, in the form of a single data set. 

Ganesan does not expressly disclose sending the Challenge 1 and Response 2 in one 
transmission over the network. 

However, at the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to send the Challenge 1 and Response 2 in one transmission over the 
network if the device has the technical capabilities. One of ordinary skill in the art would have been
motivated to do this because consolidating the messages would reduce the traffic on the network. 

In reference to claims 5 and 6, wherein the network requests data sets from the
authentication center (AUC) in the form of triplet data sets (Challenge 1/Response 1/Response
2). Message 2 of section 6.3.1 discloses a system where the Challenge and response is sent to
principal A. 

In reference to claims 8-10, wherein the filling out process is carried out on a 
subscriber-specific basis, and wherein the complete length of the first response (Response 1) is 
shortened before transmission to the other station. Tsubakiyama discloses the manipulation of 
the data sent to the subscriber (user) to create a key (column 5 lines 12-15).

In reference to claim 11, wherein the network is a GSM network. Tsubakiyama discloses
the network in Fig. 2. The GSM is a type of wireless network and therefore is encompassed in
Tsubakiyama's description.

In reference to claim 12, wherein the network is a wire-based network. Tsubakiyama 
discloses a network in Fig. 2 which encompasses the wire-based network. 

In reference to claim 13, wherein the individual, mutually authenticating components in a 
wire-based network are different monitoring units of computers which authenticate themselves 
with a central computer. The user in Tsubakiyama authenticates themselves to the network, 
which has a database of keys to use for communication with the different user. It therefore 
behaves like a central computer. 

In reference to claim 14, wherein the AUC calculates the triplet data sets requested by the 
network and transmits these to the network off-line and independently of time, on request by the 
network, but in any case before the data interchange between the network and the terminal. 
Ganesan discloses the messages 1-4 (Fig. 2) being used for receiving and requesting the
authentication data. Therefore, this is performed before the communications between the client
110 and the server 150.

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO
MONTHS of the mailing date of this final action and the advisory action is not mailed until after
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event,
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W. Klimach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m. to 5:30 p.m.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

PWK 

Monday, May 16, 2005 




